This is a post from the “Teach the Expert” (TTE) series.
If you are looking for an easy way to edit the iSCSI kernel port configuration on the VMware ESXi host, PowerCLI is the ideal solution. In this post, you will learn how to use PowerCLI to configure the iSCSI kernel port and how to enable or disable the iSCSI kernel port. We will also give some examples of using PowerCLI to configure iSCSI kernel port settings. So, let’s get started!
On April 25, 2024, the German VMUG UserCon will open its doors in Frankfurt am Main. It is the first UserCon in Germany since the acquisition of VMware by Broadcom.
The German VMUG UserCon is the annual meeting of the seven local VMUG groups in Germany.
We are particularly pleased to present this year’s keynote speakers.
With Joe Baguley, CTO EMEA, who has already supported us at several previous VMUG events, we were able to win over our preferred candidate early on in the planning phase. Joe is an eloquent and witty speaker who knows how to engage his audience, even with complex topics.
Brad Tompkins, VMUG Executive Director, should be familiar to regular UserCon visitors. This year he will not be joining us via video message as usual, but will be present in person. In view of the many UserCons taking place around the world, it is a special pleasure to welcome him to Frankfurt.
Our third guest is no less than Broadcom President and CEO Hock Tan. His commitment to come to Frankfurt has only been official since the beginning of March and has surprised even the biggest optimists in the organization team. The story behind it all began at last year’s VMUG Leader Reception during VMware Explore in Barcelona. The then-not-yet VMware CEO came to the traditional VMUG Leader Reception as a surprise guest and chatted freely with the leaders about his plans with VMware, VMware Explore and the VMUG. Over a glass of wine, I asked him if he would like to come to Frankfurt for UserCon in 2024. He said yes, if his calendar would allow it, and that we should clarify the details with his office. We took his answer at the time as a polite ‘maybe’ without seriously hoping for it. We would like to take this opportunity to thank the VMUG HQ in the Netherlands for making this appointment possible.
Hock Tan President and CEO, BroadcomJoe Baguley CTO EMEA, VMware by BroadcomBrad Tompkins Executive Director, VMUG
Breakout Sessions
Nevertheless, what would a UserCon be without its presentations in the numerous breakout sessions? In four parallel series of lectures, each with 6 blocks, technical backgrounds are explained and new technologies are presented. Here, too, we were able to attract top-class speakers. These include the well known vRockstars Duncan Epping and Cormac Hogan, who will introduce us to the latest developments in vSAN ESA and DSM 2.0 respectively.
The event will be wrapped up by Björn Brundert (Broadcom). He is also an old familiar face at German UserCons. In 2022, he gave the keynote speech at the first UserCon after the pandemic. His presentation on Tanzu Kubernetes at UserCon 2019, during which the room was about to burst, was also unforgettable.
Björn Brundert VMware Principal Technologist
Registration und Key Data
Die Veranstaltung findet statt in Frankfurt am Main im Kap Europa (Osloer Str. 5, 60327 Frankfurt am Main). Die Teilnahme und Registrierung ist kostenlos.
The event will take place in Frankfurt at Kap Europa (Osloer Str. 5, 60327 Frankfurt am Main). Participation and registration is free.
As part of my work as a trainer, I often come across questions on topics that are only covered in passing or not at all in the course. This series of articles provides trainee IT experts with tools for everyday use.
Intro – What are Diskgroups?
VMware vSAN OSA (original storage architecture) structures the vSAN datastore into disk groups (DG). Each vSAN node can contain up to 5 disk groups. Each of these disk groups consists of exactly one cache device (SSD) and at least one to a maximum of 7 capacity devices per group. These may be either magnetic disks or SSDs, but no combination of the two. We differentiate between cache tier and capacity tier.
Disk groups can be managed using the graphical user interface (GUI). However, there are situations where disk group management on the command line interface (CLI) is necessary or more appropriate.
UUID
Each disk device of a vSAN cluster (OSA) has a universally unique identifier (UUID).
We can list all devices of a vSAN node on the CLI with this command:
esxcli vsan storage list
The sheer amount of information may be a bit too much and we only want to display the lines containing the UUID.
esxcli vsan storage list | grep UUID
We receive a list of all disk devices in the vSAN node. We also receive the UUID of the disk group to which the device is assigned.
If you take a closer look at the output, you will notice that there are some devices whose UUID is identical to the UUID of the diskgroup. Is this a contradiction to the statement that the UUID is unique? No. These are cache devices. Each diskgroup in vSAN OSA consists of exactly one cache device. The disk group adopts the UUID of its cache device. In this way, we can quickly distinguish a cache device from a capacity device.
Originally, this article was supposed to be called “The role paradox”. On further reflection, I came to the conclusion that this is not a paradox in the true sense of the word. The vCenter is just doing its job.
Authorizations under vSphere are basically simple (as long as we do not want to use restricted authorizations). If we are a member of the administrator group and have unrestricted access to all objects in the data center, privileges and roles are quickly explained.
Definition of terms
A privilege is the smallest unit. It allows the execution of a very specific action.
A role is a collection of privileges. The administrator role contains all available privileges. The no-access role, on the other hand, does not contain any privileges. “No access” is not to be understood here as an explicit denial, but as a lack of privileges. What may initially seem like a semantic quibble is an important difference to other authorization concepts such as Active Directory.
Missing privillege != denial
A permission is always made up of three components: A vSphere object, a role and a user or user group. A user (or a group) can have different roles on different objects. Permissions on objects can be propagated to child objects.
The challenge
Things get interesting when I assign rights globally, but then want to restrict them to certain objects.
Example: The administrators group should have access to all objects, with the exception of some VMs in a defined VM folder. Sounds simple – but it’s not.
I became aware of the problem described here through my colleague Alexei Prozorov, who came across this phenomenon in a customer project. The topic was so interesting that I had to recreate it in the laboratory.
